| 1 |
Hello everyone, |
| 2 |
|
| 3 |
I am working on Gentoo Identity, an LDAP web UI that aims to be a |
| 4 |
general-usage application that will allow users - developers - |
| 5 |
recruiters - administrators to configure their attributes easily from |
| 6 |
Gentoo's LDAP server. |
| 7 |
|
| 8 |
This week, I finished the basic documentation and pushed it to |
| 9 |
Identity's repo. Also, I performed a basic penetration testing. Thanks |
| 10 |
to Django which provides good security protection out of the box, |
| 11 |
Django is hardened by default from some basic attacks( XSS, Directory |
| 12 |
traversal, CSRF). In addition form built-in validation improves |
| 13 |
security more and prevents LDAP Injections. |
| 14 |
|
| 15 |
My plans for the last week are to improve user settings and add more |
| 16 |
fields. Finally, I will perform a final profiling before the hard |
| 17 |
'pencils down' now that mgorny and tampakrap implemented context |
| 18 |
managers and improved django-ldapdb. |
| 19 |
|
| 20 |
Source code for Gentoo Identity: https://github.com/gentoo/identity.gentoo.org |
| 21 |
|
| 22 |
Regards, |
| 23 |
Pavlos |
Archives